phi/src/phi/ldap/entry.py

from ldap3 import ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES, MODIFY_ADD

from phi.logging import get_logger

log = get_logger(__name__)


def get_response(client, response_id):
    response, result, request = client.connection.get_response(
        response_id, get_request=True
    )

    log.debug("Request: {}".format(request))
    log.debug("Response: {}".format(response))
    log.debug("Result: {}".format(result))

    if result['description'] is not 'success':
        raise Exception(result['description'])

    return response


def get_entry_by_uid(client, uid):
    log.info("Searching entry with identifier: {}".format(uid))

    filter_ = "({}={})".format('uid', uid)
    log.debug("Search filter: {}".format(filter_))

    response_id = client.connection.search(
        client.base_dn, filter_,
        search_scope='SUBTREE',
        attributes=[ALL_ATTRIBUTES]
    )

    response = get_response(client, response_id)

    if not response:
        return None

    if len(response) > 1:
        log.error("Looking for exactly one result but server gave {}. "
                  "Taking the first and ignoring the rest."
                  .format(len(response)))

    return response[0]


def get_entries_by_ou(client, ou):
    log.info("Searching entries with organizational unit: {}".format(ou))

    dn = 'ou={},{}'.format(ou, client.base_dn)
    log.debug("Search dn: {}".format(dn))

    response_id = client.connection.search(
        dn, '(objectclass=person)',
        search_scope='SUBTREE',
        attributes=[ALL_ATTRIBUTES]
    )

    response = get_response(client, response_id)
    return response


def get_group_by_cn(client, cn):
    log.info("Searching groups with common name: {}".format(cn))

    dn = 'cn={},ou=Groups,{}'.format(cn, client.base_dn)
    log.debug("Search dn: {}".format(dn))

    response_id = client.connection.search(
        dn, '(objectclass=groupOfNames)',
        search_scope='SUBTREE',
        attributes=[ALL_ATTRIBUTES]
    )

    response = get_response(client, response_id)

    if not response:
        return None

    if len(response) > 1:
        log.error("Looking for exactly one result but server gave {}. "
                  "Taking the first and ignoring the rest."
                  .format(len(response)))

    return response[0]


def add_entry(client, dn, attributes):
    log.info('Adding entry with distinguiscet name: {}'
             'and attributes {}'.format(dn, attributes))
    response_id = client.connection.add(dn, attributes=attributes)
    response = get_response(client, response_id)
    return response


def delete_entry(client, dn):
    log.info('Deleting entry with distinguiscet name: {}')
    response_id = client.connection.delete(dn)
    response = get_response(client, response_id)
    return response


def get_group_members(client, group_cn):
    group = get_group_by_cn(client, group_cn)
    members = group['attributes']['member']

    # log.debug('Found members: {}'.format(members))
    return members


def add_group_member(client, group_cn, member_uid):
    member_dn = 'uid={},ou=Hackers,dc=unit,dc=macaomilano,dc=org'.format(
                    member_uid)
    group_dn = 'cn={},ou=Groups,dc=unit,dc=macaomilano,dc=org'.format(
                group_cn)

    # log.debug('Found adding {} to {}'.format(member_uid, group_cn))
    response_id = client.connection.modify(
        group_dn,
        {'member': [(MODIFY_ADD, [member_dn])]}
    )

    return get_response(client, response_id)
Add to groups 2020-10-04 23:01:38 +02:00			`from ldap3 import ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES, MODIFY_ADD`
Add API for retrieving user info 2017-12-21 13:44:54 +01:00
			`from phi.logging import get_logger`

			`log = get_logger(__name__)`


Clean abstraction 2020-10-04 17:45:09 +02:00			`def get_response(client, response_id):`
			`response, result, request = client.connection.get_response(`
			`response_id, get_request=True`
			`)`

			`log.debug("Request: {}".format(request))`
			`log.debug("Response: {}".format(response))`
			`log.debug("Result: {}".format(result))`

			`if result['description'] is not 'success':`
			`raise Exception(result['description'])`

			`return response`


Add API for retrieving user info 2017-12-21 13:44:54 +01:00			`def get_entry_by_uid(client, uid):`
			`log.info("Searching entry with identifier: {}".format(uid))`

Remove attribute mapping 2020-09-30 16:38:31 +02:00			`filter_ = "({}={})".format('uid', uid)`
Add API for retrieving user info 2017-12-21 13:44:54 +01:00			`log.debug("Search filter: {}".format(filter_))`

			`response_id = client.connection.search(`
			`client.base_dn, filter_,`
			`search_scope='SUBTREE',`
Search by organizational unit 2020-09-30 18:42:28 +02:00			`attributes=[ALL_ATTRIBUTES]`
Add API for retrieving user info 2017-12-21 13:44:54 +01:00			`)`

Clean abstraction 2020-10-04 17:45:09 +02:00			`response = get_response(client, response_id)`
Add API for retrieving user info 2017-12-21 13:44:54 +01:00
			`if not response:`
			`return None`

Clean abstraction 2020-10-04 17:45:09 +02:00			`if len(response) > 1:`
Fix typo 2020-09-30 16:42:53 +02:00			`log.error("Looking for exactly one result but server gave {}. "`
Add API for retrieving user info 2017-12-21 13:44:54 +01:00			`"Taking the first and ignoring the rest."`
			`.format(len(response)))`

			`return response[0]`
Search by organizational unit 2020-09-30 18:42:28 +02:00

			`def get_entries_by_ou(client, ou):`
			`log.info("Searching entries with organizational unit: {}".format(ou))`

			`dn = 'ou={},{}'.format(ou, client.base_dn)`
			`log.debug("Search dn: {}".format(dn))`

			`response_id = client.connection.search(`
			`dn, '(objectclass=person)',`
			`search_scope='SUBTREE',`
			`attributes=[ALL_ATTRIBUTES]`
			`)`

Clean abstraction 2020-10-04 17:45:09 +02:00			`response = get_response(client, response_id)`
			`return response`


Add to groups 2020-10-04 23:01:38 +02:00			`def get_group_by_cn(client, cn):`
			`log.info("Searching groups with common name: {}".format(cn))`

			`dn = 'cn={},ou=Groups,{}'.format(cn, client.base_dn)`
			`log.debug("Search dn: {}".format(dn))`

			`response_id = client.connection.search(`
			`dn, '(objectclass=groupOfNames)',`
			`search_scope='SUBTREE',`
			`attributes=[ALL_ATTRIBUTES]`
			`)`

			`response = get_response(client, response_id)`

			`if not response:`
			`return None`

			`if len(response) > 1:`
			`log.error("Looking for exactly one result but server gave {}. "`
			`"Taking the first and ignoring the rest."`
			`.format(len(response)))`

			`return response[0]`


Clean abstraction 2020-10-04 17:45:09 +02:00			`def add_entry(client, dn, attributes):`
			`log.info('Adding entry with distinguiscet name: {}'`
			`'and attributes {}'.format(dn, attributes))`
			`response_id = client.connection.add(dn, attributes=attributes)`
			`response = get_response(client, response_id)`
			`return response`

Search by organizational unit 2020-09-30 18:42:28 +02:00
Clean abstraction 2020-10-04 17:45:09 +02:00			`def delete_entry(client, dn):`
			`log.info('Deleting entry with distinguiscet name: {}')`
			`response_id = client.connection.delete(dn)`
			`response = get_response(client, response_id)`
Search by organizational unit 2020-09-30 18:42:28 +02:00			`return response`
Add to groups 2020-10-04 23:01:38 +02:00

			`def get_group_members(client, group_cn):`
			`group = get_group_by_cn(client, group_cn)`
			`members = group['attributes']['member']`

			`# log.debug('Found members: {}'.format(members))`
			`return members`


			`def add_group_member(client, group_cn, member_uid):`
			`member_dn = 'uid={},ou=Hackers,dc=unit,dc=macaomilano,dc=org'.format(`
			`member_uid)`
			`group_dn = 'cn={},ou=Groups,dc=unit,dc=macaomilano,dc=org'.format(`
			`group_cn)`

			`# log.debug('Found adding {} to {}'.format(member_uid, group_cn))`
			`response_id = client.connection.modify(`
			`group_dn,`
			`{'member': [(MODIFY_ADD, [member_dn])]}`
			`)`

			`return get_response(client, response_id)`